package cn.aixuxi.security.client.controller;

import cn.aixuxi.security.client.dto.UserDTO;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * 类描述
 *
 * @author ruozhuliufeng
 * @version 1.0
 * @date 2021/5/18 23:44
 */
@RestController
public class ClientController {

    @GetMapping("test")
    @PreAuthorize("hasAuthority('test')")// 拥有test权限方可访问
    public String test(){
        // 获取用户信息
        UserDTO userDTO = (UserDTO) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        return userDTO.getUsername()+"访问资源";
    }
}
